Installer trust chain validation

Invention Grant

US09098706B1 Installer trust chain validation 有权

Title translation: 安装员信任链验证

Please log in to see more content

Patent Title: Installer trust chain validation
Patent Title (中): 安装员信任链验证
Application No.: US11496852

Application Date: 2006-07-31
Publication No.: US09098706B1

Publication Date: 2015-08-04
Inventor: Mark Kennedy
Applicant: Mark Kennedy
Applicant Address: US CA Mountain View
Assignee: Symantec Corporation
Current Assignee: Symantec Corporation
Current Assignee Address: US CA Mountain View
Agency: Wilmer Cutler Pickering Hale and Dorr LLP
Main IPC: G06F9/445
IPC: G06F9/445 ; G06F12/14 ; G06F12/16 ; G06F11/00 ; G06F21/57 ; G06F21/56 ; H04L9/32

Abstract:

A determination is made as to whether a creator of a created executable file is a trusted installer, e.g., a digitally signed installer. Upon a determination that the creator is a trusted installer, the created executable file is defined as a trusted file. By bestowing the trust of a trusted installer to the executable files that the installer creates, suspicious behavior by the created executable files and associated processes, which otherwise would be blocked, is allowed. In this manner, false positives, e.g., blocking of legitimate behavior by the created executable file and associated process(es), are avoided.

Abstract(Chinese):

确定创建的可执行文件的创建者是否是信任的安装程序，例如数字签名的安装程序。确定创建者是受信任的安装程序后，将创建的可执行文件定义为可信文件。通过将受信任的安装程序的信任授予安装程序创建的可执行文件，允许创建的可执行文件和关联进程的可疑行为（否则将被阻止）。以这种方式，避免了错误的肯定，例如通过创建的可执行文件和相关联的进程来阻止合法行为。

Information query

Espacenet

IPC分类:

G	物理
G06	计算；推算或计数
G06F	电数字数据处理（基于特定计算模型的计算机系统入G06N）
G06F9/00	程序控制装置，例如，控制单元（用于外部设备的程序控制入G06F13/10）
G06F9/06	.应用存入的程序的，即应用处理设备的内部存储来接收程序并保持程序的
G06F9/44	..用于执行专门程序的装置
G06F9/445	...程序的加载或启动（引导程序入G06F 9/4401；程序装载或启动的安全装置入G06F 21/57）